passport-saml
Advanced tools
This is a SAML 2.0 authentication provider for Passport, the Node.js authentication library.
The code is based on Michael Bosworth's express-saml library.
$ npm install passport-saml
This example utilizes the Feide OpenIdp identity provider. You need an account there to log in with this. You also need to register your site as a service provider.
The SAML identity provider will redirect you to the URL provided by the path configuration.
passport.use(new SamlStrategy(
{
path: '/login/callback',
entryPoint: 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
issuer: 'passport-saml'
},
function(profile, done) {
findByEmail(profile.email, function(err, user) {
if (err) {
return done(err);
}
return done(null, user);
});
})
));
You need to provide a route corresponding to the path configuration parameter given to the strategy:
app.post('/login/callback',
passport.authenticate('saml', { failureRedirect: '/', failureFlash: true }),
function(req, res) {
res.redirect('/');
}
);
Use passport.authenticate(), specifying saml as the strategy:
app.get('/login',
passport.authenticate('saml', { failureRedirect: '/', failureFlash: true }),
function(req, res) {
res.redirect('/');
}
);
FAQs
SAML 2.0 authentication strategy for Passport
The npm package passport-saml receives a total of 113,876 weekly downloads. As such, passport-saml popularity was classified as popular.
We found that passport-saml demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
Security News
React's CRA deprecation announcement sparked community criticism over framework recommendations, leading to quick updates acknowledging build tools like Vite as valid alternatives.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.